Pinned Repositories
0day
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC 该项目将不断更新
aaaAyyYy
简单的分离免杀demo
Active-Directory-Pentest-Notes
个人域渗透学习笔记
AggressorScripts
Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
Altman
the cross platform webshell tool in .NET
Exploit-Dictionary
MiscSecNotes
some learning notes about Web/Cloud/Docker Security、 Penetration Test、 Security Building
PrintSpoofer
Abusing Impersonation Privileges on Windows 10 and Server 2019 本地提权2012-2019
Windows-Fuck
Windows 下的提权大合集,提权,我的最爱!
zaproxy
The OWASP ZAP core project
whojeff's Repositories
whojeff/PrintSpoofer
Abusing Impersonation Privileges on Windows 10 and Server 2019 本地提权2012-2019
whojeff/JavaFileDict
Java应用的一些配置文件字典,来源于公开的字典与平时收集
whojeff/0day
各种CMS、各种平台、各种系统、各种软件漏洞的EXP、POC 该项目将不断更新
whojeff/aaaAyyYy
简单的分离免杀demo
whojeff/Antivirus_R3_bypass_demo
分别用R3的0day与R0的0day来干掉杀毒软件
whojeff/BypassShell
anti AV
whojeff/Cas_Exploit
CAS反序列化漏洞利用工具
whojeff/CobaltStrike
CobaltStrike's source code
whojeff/CyberChef
The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
whojeff/EHole
EHole(棱洞)-红队重点攻击系统指纹探测工具
whojeff/Exp-collect
whojeff/Fake-flash.cn
www.flash.cn 的钓鱼页,中文+英文
whojeff/geacon
Practice Go programming and implement CobaltStrike's Beacon in Go
whojeff/hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
whojeff/Hessian-Deserialize-RCE
Hession-Deserialize-RCE 反序列化命令执行
whojeff/Homework-of-C-Language
C/C++ code examples of my blog.
whojeff/jsp-webshell
single file jsp webshell, work on jdk5+
whojeff/MDUT
MDUT - Multiple Database Utilization Tools
whojeff/MSSQL_BackDoor
whojeff/OA-ezOFFICE
whojeff/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
whojeff/Security_Learning
Security Learning For All~
whojeff/shiro_exp
shiro_rememberme 反序列化漏洞 利用EXP
whojeff/Shiro_Xray
CommonsBeanutils1,CommonsCollectionsK1
whojeff/ShiroScan
Shiro<=1.2.4反序列化,一键检测工具
whojeff/SimpleShellcodeInjector
SimpleShellcodeInjector receives as an argument a shellcode in hex and executes it. It DOES NOT inject the shellcode in a third party application.
whojeff/SpringBootVulExploit
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 checklist
whojeff/TongDaOA-Fake-User
通达OA 任意用户登录漏洞
whojeff/whojeff.github.io
纯属娱乐
whojeff/xray
xray 安全评估工具